mHow

@dyn___ @XorNinja Is your friend Jon Erickson? 😅 I think the first time I learned of format string specifier vulnerabilities was from his book quite a while ago 😁

@mh0ward @XorNinja From a friend who found this using LLMs: "...to be interpreted as actual format specifiers, resulting in the leakage of information, or in a crash, or possibly in arbitrary memory writes" cgit.git.savannah.gnu.org/cgit/nano.git/…

We asked Claude to find a bug in Vim. It found an RCE. Just open a file, and you’re owned. We joked: fine, we’ll switch to Emacs. Then Claude found an RCE there too. Full story: blog.calif.io/p/mad-bugs-vim…

Huge Anthropic leak just dropped: the entire Claude Code CLI source is now public. A misconfigured .map file in their npm package exposed a direct download link to the full unobfuscated TypeScript codebase from Anthropic’s own R2 bucket. Discovered by Chaofan Shou (@Fried_rice), the dump is massive 1,900 files, 512,000+ lines including the complete tool system, 50+ slash commands, multi-agent coordinator, React/Ink terminal UI, IDE bridge, permission engine, and several unreleased features. Full repo is live on GitHub(@nichxbt ): github.com/nirholas/claud… Clean mirrors are already up for easy browsing(@baanditeagle): cc-poster.vercel.app cc-hidden-deploy.vercel.app It’s spreading fast, the entire dev community is already tearing through it.

We found a critical vulnerability in @OpenAI Codex affecting all Codex users, allowing exfil of a victim’s GitHub tokens to our C2 server. This granted lateral movement and R/W access to a victim’s entire code base 😈 This was a crazy one by @crew7sec at @btphantomlabs

@amal and @DangerousThings is doing something fun, proxmark3.app Interactive webshell, needs #chrome #edge to work

So we’ve gone from coal miner scrip to digital miner scrip…

@Motor1com Any idea if the new Tremec 6spd manual will be a factory option yet?

Finally, more photos of the new Grand Sport.

After 5 months of development, I'm releasing EvilWAF v2.4 - a MITM proxy that makes ANY tool bypass WAFs github.com/matrixleons/ev…

I finally let Claude do my pentest this week. Full 5-day engagement, zero human input. Here's what the client got: 😏 clawd.it/posts/10-repla… #bugbounty #pentesting #AI #cybersecurity #infosec #claudeai

Look.. it's a Conditional Access policy simulator built by an infra architect guy who got tired of squinting at What If results 🫠 Shiny graphs yay! 🔗ca.haakonwibe.com No sign-in needed, click Sample Data and play around. Or connect to your own data - all's in browser.

🚨 ALERT: Around 149M user credentials were exposed in a massive infostealer data dump, including roughly 420k Binance-related logins. The leak originated from malware-infected devices, not a Binance breach.

@thedawgyg If you’re completely new to exploit dev, this is probably worth taking a look at: corelan.be/index.php/arti… It’s fairly old at this point and for 32-bit, but still good for learning concepts and bypass techniques. For example, chaining ROP gadgets is still relevant.

So maybe this will work lol... I am looking to find some people (or person) that know about exploit dev. I can find the crashes/vulns but I dont know how to take the info and then create an exploit (POC exploits, not looking to make malicious exploits). Anyone out there that has the experience in taking library/software bugs/vulns and turning them into the chains needed willing to work with me to help me learn? Would be down to work out agreements to make sure its worth the time and effort of course for all involved, as i know this is likely something that will take alot of effort. #bugbounty #exploit #exploitdev #0day

WSL2 is a powerful attacker hideout because it runs as a separate Hyper-V VM, and defenders rarely monitor it. Daniel Mayer explains how attackers pivot into WSL2 and what it took to build tooling that works across WSL2 versions. Read more ⤵️ ghst.ly/45fPUma

Today, Project Zero released a 0-click exploit chain for the Pixel 9. While it targets the Pixel, the 0-click bug and exploit techniques we used apply to most other Android devices. projectzero.google/2026/01/pixel-…

Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison bleepingcomputer.com/news/security/…

Cloudflare hides 19.3% of all websites—but not perfectly. CloudRip scans subdomains to find IPs not behind Cloudflare protection, exposing the real origin server: hackers-arise.com/web-app-hackin… @three_cube

HTML tag names must start with an ASCII letter. If they don’t… jsfiddle.net/4v6xksaf/ #xss

Dumping juicy secrets from SAM/LSA is always nice right? I've added an implementation for the --sam and --lsa flags to the MSSQL protocol of NetExec🚀 No need for manual registry hive extraction anymore!

When testing GraphQL APIs make sure to run graphw00f (github.com/dolevf/graphw0…) to fingerprint the specific GraphQL implementation the application is running. Then you can review the Threat Matrix to get likely attack vectors.